The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/iglooftp2.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18561
IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened...
Buffer overflow in the remove_quote function in convert.c for html2hdml 1.0.3 allows remote attackers to execute arbitrary code via a crafted HTML file. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/html2hdml.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18556
The DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a filename with shell metacharacters. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/greed.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18634
Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/greed.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18633
Buffer overflow in the save_embedded_address function in filter.c for elm/bolthole filter 2.6.1 allows remote attackers to execute arbitrary code via a crafted email message. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/elm-bolthole-filter.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18607
Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arbitrary code via a crafted DXF file. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/dxfscope.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18558
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different...
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. Date published : 2004-12-22 http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml...
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors. Date published...
Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. Date published : 2004-12-22 http://www.gentoo.org/security/en/glsa/glsa-200412-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:008
Buffer overflow in the get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 allows remote attackers to execute arbitrary code via a crafted CSV file. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/csv2xml.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18602
Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file. Date published : 2004-12-22 http://tigger.uic.edu/~jlongs2/holes/convex3d.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18601
Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file. Date published : 2004-12-22 http://www.debian.org/security/2005/dsa-644 http://www.mandriva.com/security/advisories?name=MDKSA-2005:027